Due to either your own or your customer’s IT and security requirements, you may need to take special care to avoid triggering firewalls, by pre-testing your connections and whitelisting IP addresses.

The information below is offered for your convenience and may change as a result of changes to third-party platforms mentioned (e.g. Wowza, Vonage and Twilio).
​

To help prepare for trouble-free connection, Vonage offers this general pre-call test to evaluate network latency and bandwidth, and troubleshoot any potential problems: https://tokbox.com/developer/tools/precall/

This Vonage guide is designed to help you allow connection even when either you or your attendees are on strict networks and/or devices: https://tokbox.com/developer/guides/restricted-networks/

See elswehere in this article for RTMP - Wowza information.

For Vonage, there are recommended ports and domains to whitelist, and a number of other connectivity requirements. This article has more information:

https://api.support.vonage.com/hc/en-us/articles/11117874324508-What-are-the-Vonage-Video-API-network-connectivity-requirements

The OnAIR portal has other domains that should remain unblocked (whitelisted) to help prevent connection problems. These are the minimum firewall access requirements and Wowza recommendations:

*.video.wowza.com

[your EventsAir alias here, without the square brackets].eventsair.com

azurewebsites.net

cdn3.wowza.com

endpoint.twilio.com

eventsair.com

eventsairmobileaueprod.table.core.windows.net

*.flowplayer.com

global.vss.twilio.com

gstatic.com

*.lwcdn.com

*.millicast.com

mobile-endpoint.twilio.com

msecdn.net

onairprod.azurewebsites.net

onairprod.queue.core.windows.net

opentok.com

portalapp.ALIAS.eventsair.com

sdkgw.us1.twilio.com

tokbox.com

twilio.com

vonage.com

windows.net

*.wowza.com

​PLUS

Port 1935/1934 for RTMP (only if required) - see Wowza information below also.

Otherwise, services do not use reserved ports and communicate over 80/443/8080/8443.

If you’re using Twilio for meetings or live support, you should ensure the Twilio and Vonage domains listed above are whitelisted, and also use the Twilio network test:

networktest.twilio.com

Find out more about Twilio connectivity and bandwidth requirements here:

https://help.twilio.com/articles/223180888-Twilio-Voice-JavaScript-and-Mobile-SDK-Network-Connectivity-and-Bandwidth-Requirements;

RTMP, internet transfer protocols that can be transmuxed to WebRTC supports only the H.264 video codec.

Read more on Broadcasting to Wowza Video™ Real-Time Streaming at Scale.
​

If behind a restrictive network, use the information below to configure your firewall whitelist correctly to allow Real-time Streaming services to pass through:

We also recommend whitelisting the following domains:

*.wowza.com
*.flowplayer.com
*.lwcdn.com
*.cloudflare.com
*.millicast.com
*.twilio.com

Wowza has said they can't provide a definitive list of IP addresses to whitelist as, due to the dynamic scaling of the Wowza service, they can't guarantee the same range. If you need to whitelist IP ranges, Wowza recommends referring to the region-specific IP addresses lists published by cloud providers.

* See Oracle's IP list for a detailed IP range for publishing ingress servers.
​

STUN and TURN servers are crucial in WebRTC communication, allowing users to connect and stream content effectively. These servers follow IETF standard protocols to manage Network Address Translation (NAT) during communication sessions.

The Session Traversal Utilities for NAT (STUN) assist servers and clients in determining their public IP addresses when they are behind a NAT/Firewall. When a host wants to accept an incoming connection, it provides this public IP address as a possible connection point. If the NAT/Firewall still prevents direct connectivity between the viewer and media server, a connection is established using the Traversal Using Relay around NAT (TURN) service, which enables media relay between the two parties.
​

STUN/TURN IP addresses were last updated 2024-11-04

Wowza Flowplayer uses several subdomains. This product is deployed within the AWS infrastructure. The Amazon AWS complete list of IP ranges are available here. Wowza also suggest checking firewall / network restrictions to enable http/3 QUIC if this option is available. Suggested subdomains for whitelisting are listed below.